Overview

overview

10

Static

static

3

abe4a77f82...JC.exe

windows7-x64

7

abe4a77f82...JC.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2023, 11:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    abe4a77f82050db5ae113a9d7a6f617573e1195dcb4344e71f7c245e75898eb5_JC.exe

  • Size

    6.5MB

  • MD5

    947fbbb807b42bf2ae01de576b7d40ca

  • SHA1

    865a20b4f73aaaa70168c02b7029993a48925242

  • SHA256

    abe4a77f82050db5ae113a9d7a6f617573e1195dcb4344e71f7c245e75898eb5

  • SHA512

    d3891246794c815891cf086bb382cec0ab5c76b1e3bd8869e88e180434f3b2a739d216cee16008be254902bf307448d9023ce01a0319c06a7cde621884224b6f

  • SSDEEP

    98304:eK81CIfoUNdmMD/x/0feyGgatbQ940BDlgwdnpka9R/k9t+2N6btq4Gt+N+wAuKT:eKLPOdHDfyGgqwBdnpkYRMjahow6LP

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 7 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\abe4a77f82050db5ae113a9d7a6f617573e1195dcb4344e71f7c245e75898eb5_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\abe4a77f82050db5ae113a9d7a6f617573e1195dcb4344e71f7c245e75898eb5_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2284
    • C:\Users\Admin\AppData\Local\Temp\abe4a77f82050db5ae113a9d7a6f617573e1195dcb4344e71f7c245e75898eb5_JC.exe
      "C:\Users\Admin\AppData\Local\Temp\abe4a77f82050db5ae113a9d7a6f617573e1195dcb4344e71f7c245e75898eb5_JC.exe"
      2⤵
      • Loads dropped DLL
      PID:2676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI22842\api-ms-win-core-file-l1-2-0.dll
    Filesize

    12KB

    MD5

    49e3260ae3f973608f4d4701eb97eb95

    SHA1

    097e7d56c3514a3c7dc17a9c54a8782c6d6c0a27

    SHA256

    476fbad616e20312efc943927ade1a830438a6bebb1dd1f83d2370e5343ea7af

    SHA512

    df22cf16490faa0dc809129ca32eaf1a16ec665f9c5411503ce0153270de038e5d3be1e0e49879a67043a688f6c42bdb5a9a6b3cea43bf533eba087e999be653

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22842\api-ms-win-core-file-l2-1-0.dll
    Filesize

    12KB

    MD5

    7f14fd0436c066a8b40e66386ceb55d0

    SHA1

    288c020fb12a4d8c65ed22a364b5eb8f4126a958

    SHA256

    c78eab8e057bddd55f998e72d8fdf5b53d9e9c8f67c8b404258e198eb2cdcf24

    SHA512

    d04adc52ee0ceed4131eb1d133bfe9a66cbc0f88900270b596116064480afe6ae6ca42feb0eaed54cb141987f2d7716bb2dae947a025014d05d7aa0b0821dc50

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22842\api-ms-win-core-localization-l1-2-0.dll
    Filesize

    15KB

    MD5

    71457fd15de9e0b3ad83b4656cad2870

    SHA1

    c9c2caf4f9e87d32a93a52508561b4595617f09f

    SHA256

    db970725b36cc78ef2e756ff4b42db7b5b771bfd9d106486322cf037115bd911

    SHA512

    a10fcf1d7637effff0ae3e3b4291d54cc7444d985491e82b3f4e559fbb0dbb3b6231a8c689ff240a5036a7acae47421cda58aaa6938374d4b84893cce0077bc8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22842\api-ms-win-core-processthreads-l1-1-1.dll
    Filesize

    13KB

    MD5

    e93816c04327730d41224e7a1ba6dc51

    SHA1

    3f83b9fc6291146e58afce5b5447cd6d2f32f749

    SHA256

    ca06ccf12927ca52d8827b3a36b23b6389c4c6d4706345e2d70b895b79ff2ec8

    SHA512

    beaab5a12bfc4498cdf67d8b560ef0b0e2451c5f4634b6c5780a857666fd14f8a379f42e38be1beefa1c3578b2df913d901b271719ac6794bfaab0731bb77bca

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22842\api-ms-win-core-timezone-l1-1-0.dll
    Filesize

    13KB

    MD5

    acf40d5e6799231cf7e4026bad0c50a0

    SHA1

    8f0395b7e7d2aac02130f47b23b50d1eab87466b

    SHA256

    64b5b95fe56b6df4c2d47d771bec32bd89267605df736e08c1249b802d6d48d1

    SHA512

    f66a61e89231b6dc95b26d97f5647da42400bc809f70789b9afc00a42b94ea3487913860b69a1b0ee59ed5eb62c3a0cade9e21f95da35fdd42d8ce51c5507632

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22842\python310.dll
    Filesize

    4.3MB

    MD5

    63a1fa9259a35eaeac04174cecb90048

    SHA1

    0dc0c91bcd6f69b80dcdd7e4020365dd7853885a

    SHA256

    14b06796f288bc6599e458fb23a944ab0c843e9868058f02a91d4606533505ed

    SHA512

    896caa053f48b1e4102e0f41a7d13d932a746eea69a894ae564ef5a84ef50890514deca6496e915aae40a500955220dbc1b1016fe0b8bcdde0ad81b2917dea8b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI22842\ucrtbase.dll
    Filesize

    1020KB

    MD5

    2c8fe06966d5085a595ffa3c98fe3098

    SHA1

    e82945e3e63ffef0974d6dd74f2aef2bf6d0a908

    SHA256

    de8d08d01291df93821314176381f3d1ae863e6c5584a7f8ea42f0b94b15ef65

    SHA512

    fb08838983c16082a362b3fc89d5b82e61ae629207c13c3cb76b8a0af557ad95c842ce5197ae458b5af61e5449cbab579f509fa72866308aa6fbd3d751522d0f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI22842\api-ms-win-core-file-l1-2-0.dll
    Filesize

    12KB

    MD5

    49e3260ae3f973608f4d4701eb97eb95

    SHA1

    097e7d56c3514a3c7dc17a9c54a8782c6d6c0a27

    SHA256

    476fbad616e20312efc943927ade1a830438a6bebb1dd1f83d2370e5343ea7af

    SHA512

    df22cf16490faa0dc809129ca32eaf1a16ec665f9c5411503ce0153270de038e5d3be1e0e49879a67043a688f6c42bdb5a9a6b3cea43bf533eba087e999be653

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI22842\api-ms-win-core-file-l2-1-0.dll
    Filesize

    12KB

    MD5

    7f14fd0436c066a8b40e66386ceb55d0

    SHA1

    288c020fb12a4d8c65ed22a364b5eb8f4126a958

    SHA256

    c78eab8e057bddd55f998e72d8fdf5b53d9e9c8f67c8b404258e198eb2cdcf24

    SHA512

    d04adc52ee0ceed4131eb1d133bfe9a66cbc0f88900270b596116064480afe6ae6ca42feb0eaed54cb141987f2d7716bb2dae947a025014d05d7aa0b0821dc50

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI22842\api-ms-win-core-localization-l1-2-0.dll
    Filesize

    15KB

    MD5

    71457fd15de9e0b3ad83b4656cad2870

    SHA1

    c9c2caf4f9e87d32a93a52508561b4595617f09f

    SHA256

    db970725b36cc78ef2e756ff4b42db7b5b771bfd9d106486322cf037115bd911

    SHA512

    a10fcf1d7637effff0ae3e3b4291d54cc7444d985491e82b3f4e559fbb0dbb3b6231a8c689ff240a5036a7acae47421cda58aaa6938374d4b84893cce0077bc8

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI22842\api-ms-win-core-processthreads-l1-1-1.dll
    Filesize

    13KB

    MD5

    e93816c04327730d41224e7a1ba6dc51

    SHA1

    3f83b9fc6291146e58afce5b5447cd6d2f32f749

    SHA256

    ca06ccf12927ca52d8827b3a36b23b6389c4c6d4706345e2d70b895b79ff2ec8

    SHA512

    beaab5a12bfc4498cdf67d8b560ef0b0e2451c5f4634b6c5780a857666fd14f8a379f42e38be1beefa1c3578b2df913d901b271719ac6794bfaab0731bb77bca

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI22842\api-ms-win-core-timezone-l1-1-0.dll
    Filesize

    13KB

    MD5

    acf40d5e6799231cf7e4026bad0c50a0

    SHA1

    8f0395b7e7d2aac02130f47b23b50d1eab87466b

    SHA256

    64b5b95fe56b6df4c2d47d771bec32bd89267605df736e08c1249b802d6d48d1

    SHA512

    f66a61e89231b6dc95b26d97f5647da42400bc809f70789b9afc00a42b94ea3487913860b69a1b0ee59ed5eb62c3a0cade9e21f95da35fdd42d8ce51c5507632

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI22842\python310.dll
    Filesize

    4.3MB

    MD5

    63a1fa9259a35eaeac04174cecb90048

    SHA1

    0dc0c91bcd6f69b80dcdd7e4020365dd7853885a

    SHA256

    14b06796f288bc6599e458fb23a944ab0c843e9868058f02a91d4606533505ed

    SHA512

    896caa053f48b1e4102e0f41a7d13d932a746eea69a894ae564ef5a84ef50890514deca6496e915aae40a500955220dbc1b1016fe0b8bcdde0ad81b2917dea8b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI22842\ucrtbase.dll
    Filesize

    1020KB

    MD5

    2c8fe06966d5085a595ffa3c98fe3098

    SHA1

    e82945e3e63ffef0974d6dd74f2aef2bf6d0a908

    SHA256

    de8d08d01291df93821314176381f3d1ae863e6c5584a7f8ea42f0b94b15ef65

    SHA512

    fb08838983c16082a362b3fc89d5b82e61ae629207c13c3cb76b8a0af557ad95c842ce5197ae458b5af61e5449cbab579f509fa72866308aa6fbd3d751522d0f

    Download Submit